Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2020-26164

Опубликовано: 07 окт. 2020
Источник: debian
EPSS Низкий

Описание

In kdeconnect-kde (aka KDE Connect) before 20.08.2, an attacker on the local network could send crafted packets that trigger use of large amounts of CPU, memory, or network connection slots, aka a Denial of Service attack.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
kdeconnectfixed20.08.2-1package
kdeconnectno-dsabusterpackage
kdeconnectno-dsastretchpackage

Примечания

  • https://kde.org/info/security/advisory-20201002-1.txt

  • https://invent.kde.org/network/kdeconnect-kde/-/commit/f183b5447bad47655c21af87214579f03bf3a163

  • https://invent.kde.org/network/kdeconnect-kde/-/commit/b279c52101d3f7cc30a26086d58de0b5f1c547fa

  • https://invent.kde.org/network/kdeconnect-kde/-/commit/d35b88c1b25fe13715f9170f18674d476ca9acdc

  • https://invent.kde.org/network/kdeconnect-kde/-/commit/b496e66899e5bc9547b6537a7f44ab44dd0aaf38

  • https://invent.kde.org/network/kdeconnect-kde/-/commit/5310eae85dbdf92fba30375238a2481f2e34943e

  • https://invent.kde.org/network/kdeconnect-kde/-/commit/721ba9faafb79aac73973410ee1dd3624ded97a5

  • https://invent.kde.org/network/kdeconnect-kde/-/commit/ae58b9dec49c809b85b5404cee17946116f8a706

  • https://invent.kde.org/network/kdeconnect-kde/-/commit/66c768aa9e7fba30b119c8b801efd49ed1270b0a

  • https://invent.kde.org/network/kdeconnect-kde/-/commit/85b691e40f525e22ca5cc4ebe79c361d71d7dc05

  • https://invent.kde.org/network/kdeconnect-kde/-/commit/48180b46552d40729a36b7431e97bbe2b5379306

  • https://www.openwall.com/lists/oss-security/2020/10/13/4

EPSS

Процентиль: 27%
0.00095
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2020-26164

CVSS3: 5.5
ubuntu
больше 5 лет назад

In kdeconnect-kde (aka KDE Connect) before 20.08.2, an attacker on the local network could send crafted packets that trigger use of large amounts of CPU, memory, or network connection slots, aka a Denial of Service attack.

nvd логотип

CVE-2020-26164

CVSS3: 5.5
nvd
больше 5 лет назад

In kdeconnect-kde (aka KDE Connect) before 20.08.2, an attacker on the local network could send crafted packets that trigger use of large amounts of CPU, memory, or network connection slots, aka a Denial of Service attack.

suse-cvrf логотип

openSUSE-SU-2020:1631-1

suse-cvrf
больше 5 лет назад

Security update for kdeconnect-kde

github логотип

GHSA-6f3v-3c9w-7rq7

CVSS3: 5.5
github
больше 3 лет назад

In kdeconnect-kde (aka KDE Connect) before 20.08.2, an attacker on the local network could send crafted packets that trigger use of large amounts of CPU, memory, or network connection slots, aka a Denial of Service attack.

EPSS

Процентиль: 27%
0.00095
Низкий